well i now have a log in script that grabs the correct pass and makes sure you have the correct pass etc...

but i wanna know what is the best way to do a log in...

should i use cookies... or there are ways in mySQL i think... could i also use like the session function with php?

i am very new to cookies and the session function

what is the best method do you think?

how would i go about coding it in?

thanks!
-chady

I would probably go with sessions. See http://us3.php.net/session for more info.

so i would need to add in a session and have it start on log in... and then grab to see if the session is true on each "member only" page

correct?

is there a way i can store the sessions value in a variable... so i can go like

if ($userloggedin)
{
echo 'whatever';
}

thanks pyro

Well, you'd need to do it a bit differently than that, but it's close:

When thy log in, use something like this to set the session:

session_start();
$_SESSION['loggedin'] = true;

And then, to check if they are logged in, you'd use this:

session_start();
if (isset($_SESSION['loggedin'])) {
#user is logged in
}The main thing to remember is that you must start the session (with session_start()) before you can use it.

Read this tutorial (http://www.zend.com/zend/tut/authentication.php) which explains a good deal about authentication.

thanks again pyro :)
and ill look at that tutorial

Sure thing... :)

Warning: session_start(): Cannot send session cache limiter - headers already sent (output started at /home/chadypu/public_html/profile/login.php:10) in /home/chadypu/public_html/profile/login.php on line 49


i got that error

session_start();
$_SESSION['loggedin'] = true;

the bold line is line 49 :-\

Make sure you haven't written any content to the browser before you call session_start()

thanks again pyro :)
i tried it at the top of my php but not before my html header content

same goes for cookies... you must set the cookie at the top correct?

Yes, any header information must be set before output to the browser has been started (including sessions and cookies).

all headers except like redirect headers correct?
thanks again

Even redirect headers must be set before content is sent to the browser. With PHP 4, however, you can use ob_start() (http://us2.php.net/manual/en/function.ob-start.php) and ob_end_flush() (http://us2.php.net/manual/en/function.ob-end-flush.php) to get around it.

when setting the session how can i include the $uname variable

so on other pages i know what their username is...

how do i put that in the session?

and how could imake the session end... like if they wanted to log out?

To set the session, do something like this:

$username = "foo";
session_start();
$_SESSION['username'] = $username;


And, you use this to end a session:

session_start();
session_unset();
session_destroy();

alright thanks

You are welcome... :)